Microsoft – Set the account lockout threshold to recommended value

Netwrix – Account Lockout Best Practices

Palantir Blog – Windows Privilege Abuse: Auditing, Detection, and Defense

Five Golden Rules for Contractors to Meet New DoD Cyber Mandate

NIST – Privileged Account Management

ISACA – Implementing Segregation of Duties: A Practical Experience Based on Best Practices

TOTEM – Why is separation of duties required by NIST 800-171 and CMMC?

Brookhaven National Laboratory – Example Separation of Duties Policy

CSO – Separation of duties and IT security

NIST SP 800-53: AC-5 Separation of Duties